Commit | Line | Data |
---|---|---|
58790314 JK |
1 | /* |
2 | * Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved. | |
3 | * Copyright (c) 2016-2017, Dave Watson <davejwatson@fb.com>. All rights reserved. | |
4 | * | |
5 | * This software is available to you under a choice of one of two | |
6 | * licenses. You may choose to be licensed under the terms of the GNU | |
7 | * General Public License (GPL) Version 2, available from the file | |
8 | * COPYING in the main directory of this source tree, or the | |
9 | * OpenIB.org BSD license below: | |
10 | * | |
11 | * Redistribution and use in source and binary forms, with or | |
12 | * without modification, are permitted provided that the following | |
13 | * conditions are met: | |
14 | * | |
15 | * - Redistributions of source code must retain the above | |
16 | * copyright notice, this list of conditions and the following | |
17 | * disclaimer. | |
18 | * | |
19 | * - Redistributions in binary form must reproduce the above | |
20 | * copyright notice, this list of conditions and the following | |
21 | * disclaimer in the documentation and/or other materials | |
22 | * provided with the distribution. | |
23 | * | |
24 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | |
25 | * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | |
26 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND | |
27 | * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS | |
28 | * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN | |
29 | * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN | |
30 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
31 | * SOFTWARE. | |
32 | */ | |
33 | ||
34 | #ifndef _TLS_INT_H | |
35 | #define _TLS_INT_H | |
36 | ||
37 | #include <asm/byteorder.h> | |
38 | #include <linux/types.h> | |
39 | #include <linux/skmsg.h> | |
40 | #include <net/tls.h> | |
41 | ||
42 | #define __TLS_INC_STATS(net, field) \ | |
43 | __SNMP_INC_STATS((net)->mib.tls_statistics, field) | |
44 | #define TLS_INC_STATS(net, field) \ | |
45 | SNMP_INC_STATS((net)->mib.tls_statistics, field) | |
46 | #define TLS_DEC_STATS(net, field) \ | |
47 | SNMP_DEC_STATS((net)->mib.tls_statistics, field) | |
48 | ||
49 | /* TLS records are maintained in 'struct tls_rec'. It stores the memory pages | |
50 | * allocated or mapped for each TLS record. After encryption, the records are | |
51 | * stores in a linked list. | |
52 | */ | |
53 | struct tls_rec { | |
54 | struct list_head list; | |
55 | int tx_ready; | |
56 | int tx_flags; | |
57 | ||
58 | struct sk_msg msg_plaintext; | |
59 | struct sk_msg msg_encrypted; | |
60 | ||
61 | /* AAD | msg_plaintext.sg.data | sg_tag */ | |
62 | struct scatterlist sg_aead_in[2]; | |
63 | /* AAD | msg_encrypted.sg.data (data contains overhead for hdr & iv & tag) */ | |
64 | struct scatterlist sg_aead_out[2]; | |
65 | ||
66 | char content_type; | |
67 | struct scatterlist sg_content_type; | |
68 | ||
69 | char aad_space[TLS_AAD_SPACE_SIZE]; | |
70 | u8 iv_data[MAX_IV_SIZE]; | |
71 | struct aead_request aead_req; | |
72 | u8 aead_req_ctx[]; | |
73 | }; | |
74 | ||
75 | int __net_init tls_proc_init(struct net *net); | |
76 | void __net_exit tls_proc_fini(struct net *net); | |
77 | ||
78 | struct tls_context *tls_ctx_create(struct sock *sk); | |
79 | void tls_ctx_free(struct sock *sk, struct tls_context *ctx); | |
80 | void update_sk_prot(struct sock *sk, struct tls_context *ctx); | |
81 | ||
82 | int wait_on_pending_writer(struct sock *sk, long *timeo); | |
83 | int tls_sk_query(struct sock *sk, int optname, char __user *optval, | |
84 | int __user *optlen); | |
85 | int tls_sk_attach(struct sock *sk, int optname, char __user *optval, | |
86 | unsigned int optlen); | |
87 | void tls_err_abort(struct sock *sk, int err); | |
88 | ||
89 | int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx); | |
90 | void tls_update_rx_zc_capable(struct tls_context *tls_ctx); | |
91 | void tls_sw_strparser_arm(struct sock *sk, struct tls_context *ctx); | |
92 | void tls_sw_strparser_done(struct tls_context *tls_ctx); | |
93 | int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size); | |
94 | int tls_sw_sendpage_locked(struct sock *sk, struct page *page, | |
95 | int offset, size_t size, int flags); | |
96 | int tls_sw_sendpage(struct sock *sk, struct page *page, | |
97 | int offset, size_t size, int flags); | |
98 | void tls_sw_cancel_work_tx(struct tls_context *tls_ctx); | |
99 | void tls_sw_release_resources_tx(struct sock *sk); | |
100 | void tls_sw_free_ctx_tx(struct tls_context *tls_ctx); | |
101 | void tls_sw_free_resources_rx(struct sock *sk); | |
102 | void tls_sw_release_resources_rx(struct sock *sk); | |
103 | void tls_sw_free_ctx_rx(struct tls_context *tls_ctx); | |
104 | int tls_sw_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, | |
105 | int flags, int *addr_len); | |
106 | bool tls_sw_sock_is_readable(struct sock *sk); | |
107 | ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos, | |
108 | struct pipe_inode_info *pipe, | |
109 | size_t len, unsigned int flags); | |
110 | ||
111 | int tls_device_sendmsg(struct sock *sk, struct msghdr *msg, size_t size); | |
112 | int tls_device_sendpage(struct sock *sk, struct page *page, | |
113 | int offset, size_t size, int flags); | |
114 | int tls_tx_records(struct sock *sk, int flags); | |
115 | ||
116 | void tls_sw_write_space(struct sock *sk, struct tls_context *ctx); | |
117 | void tls_device_write_space(struct sock *sk, struct tls_context *ctx); | |
118 | ||
119 | int tls_process_cmsg(struct sock *sk, struct msghdr *msg, | |
120 | unsigned char *record_type); | |
121 | int decrypt_skb(struct sock *sk, struct sk_buff *skb, | |
122 | struct scatterlist *sgout); | |
123 | ||
124 | int tls_sw_fallback_init(struct sock *sk, | |
125 | struct tls_offload_context_tx *offload_ctx, | |
126 | struct tls_crypto_info *crypto_info); | |
127 | ||
128 | static inline struct tls_msg *tls_msg(struct sk_buff *skb) | |
129 | { | |
130 | struct sk_skb_cb *scb = (struct sk_skb_cb *)skb->cb; | |
131 | ||
132 | return &scb->tls; | |
133 | } | |
134 | ||
135 | #ifdef CONFIG_TLS_DEVICE | |
816cd168 | 136 | int tls_device_init(void); |
58790314 JK |
137 | void tls_device_cleanup(void); |
138 | int tls_set_device_offload(struct sock *sk, struct tls_context *ctx); | |
139 | void tls_device_free_resources_tx(struct sock *sk); | |
140 | int tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx); | |
141 | void tls_device_offload_cleanup_rx(struct sock *sk); | |
142 | void tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq); | |
143 | int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx, | |
144 | struct sk_buff *skb, struct strp_msg *rxm); | |
145 | #else | |
816cd168 | 146 | static inline int tls_device_init(void) { return 0; } |
58790314 JK |
147 | static inline void tls_device_cleanup(void) {} |
148 | ||
149 | static inline int | |
150 | tls_set_device_offload(struct sock *sk, struct tls_context *ctx) | |
151 | { | |
152 | return -EOPNOTSUPP; | |
153 | } | |
154 | ||
155 | static inline void tls_device_free_resources_tx(struct sock *sk) {} | |
156 | ||
157 | static inline int | |
158 | tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx) | |
159 | { | |
160 | return -EOPNOTSUPP; | |
161 | } | |
162 | ||
163 | static inline void tls_device_offload_cleanup_rx(struct sock *sk) {} | |
164 | static inline void | |
165 | tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq) {} | |
166 | ||
167 | static inline int | |
168 | tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx, | |
169 | struct sk_buff *skb, struct strp_msg *rxm) | |
170 | { | |
171 | return 0; | |
172 | } | |
173 | #endif | |
174 | ||
175 | int tls_push_sg(struct sock *sk, struct tls_context *ctx, | |
176 | struct scatterlist *sg, u16 first_offset, | |
177 | int flags); | |
178 | int tls_push_partial_record(struct sock *sk, struct tls_context *ctx, | |
179 | int flags); | |
180 | void tls_free_partial_record(struct sock *sk, struct tls_context *ctx); | |
181 | ||
182 | static inline bool tls_is_partially_sent_record(struct tls_context *ctx) | |
183 | { | |
184 | return !!ctx->partially_sent_record; | |
185 | } | |
186 | ||
187 | static inline bool tls_is_pending_open_record(struct tls_context *tls_ctx) | |
188 | { | |
189 | return tls_ctx->pending_open_record_frags; | |
190 | } | |
191 | ||
192 | static inline bool tls_bigint_increment(unsigned char *seq, int len) | |
193 | { | |
194 | int i; | |
195 | ||
196 | for (i = len - 1; i >= 0; i--) { | |
197 | ++seq[i]; | |
198 | if (seq[i] != 0) | |
199 | break; | |
200 | } | |
201 | ||
202 | return (i == -1); | |
203 | } | |
204 | ||
205 | static inline void tls_bigint_subtract(unsigned char *seq, int n) | |
206 | { | |
207 | u64 rcd_sn; | |
208 | __be64 *p; | |
209 | ||
210 | BUILD_BUG_ON(TLS_MAX_REC_SEQ_SIZE != 8); | |
211 | ||
212 | p = (__be64 *)seq; | |
213 | rcd_sn = be64_to_cpu(*p); | |
214 | *p = cpu_to_be64(rcd_sn - n); | |
215 | } | |
216 | ||
217 | static inline void | |
218 | tls_advance_record_sn(struct sock *sk, struct tls_prot_info *prot, | |
219 | struct cipher_context *ctx) | |
220 | { | |
221 | if (tls_bigint_increment(ctx->rec_seq, prot->rec_seq_size)) | |
222 | tls_err_abort(sk, -EBADMSG); | |
223 | ||
224 | if (prot->version != TLS_1_3_VERSION && | |
225 | prot->cipher_type != TLS_CIPHER_CHACHA20_POLY1305) | |
226 | tls_bigint_increment(ctx->iv + prot->salt_size, | |
227 | prot->iv_size); | |
228 | } | |
229 | ||
230 | static inline void | |
231 | tls_xor_iv_with_seq(struct tls_prot_info *prot, char *iv, char *seq) | |
232 | { | |
233 | int i; | |
234 | ||
235 | if (prot->version == TLS_1_3_VERSION || | |
236 | prot->cipher_type == TLS_CIPHER_CHACHA20_POLY1305) { | |
237 | for (i = 0; i < 8; i++) | |
238 | iv[i + 4] ^= seq[i]; | |
239 | } | |
240 | } | |
241 | ||
242 | static inline void | |
243 | tls_fill_prepend(struct tls_context *ctx, char *buf, size_t plaintext_len, | |
244 | unsigned char record_type) | |
245 | { | |
246 | struct tls_prot_info *prot = &ctx->prot_info; | |
247 | size_t pkt_len, iv_size = prot->iv_size; | |
248 | ||
249 | pkt_len = plaintext_len + prot->tag_size; | |
250 | if (prot->version != TLS_1_3_VERSION && | |
251 | prot->cipher_type != TLS_CIPHER_CHACHA20_POLY1305) { | |
252 | pkt_len += iv_size; | |
253 | ||
254 | memcpy(buf + TLS_NONCE_OFFSET, | |
255 | ctx->tx.iv + prot->salt_size, iv_size); | |
256 | } | |
257 | ||
258 | /* we cover nonce explicit here as well, so buf should be of | |
259 | * size KTLS_DTLS_HEADER_SIZE + KTLS_DTLS_NONCE_EXPLICIT_SIZE | |
260 | */ | |
261 | buf[0] = prot->version == TLS_1_3_VERSION ? | |
262 | TLS_RECORD_TYPE_DATA : record_type; | |
263 | /* Note that VERSION must be TLS_1_2 for both TLS1.2 and TLS1.3 */ | |
264 | buf[1] = TLS_1_2_VERSION_MINOR; | |
265 | buf[2] = TLS_1_2_VERSION_MAJOR; | |
266 | /* we can use IV for nonce explicit according to spec */ | |
267 | buf[3] = pkt_len >> 8; | |
268 | buf[4] = pkt_len & 0xFF; | |
269 | } | |
270 | ||
271 | static inline | |
272 | void tls_make_aad(char *buf, size_t size, char *record_sequence, | |
273 | unsigned char record_type, struct tls_prot_info *prot) | |
274 | { | |
275 | if (prot->version != TLS_1_3_VERSION) { | |
276 | memcpy(buf, record_sequence, prot->rec_seq_size); | |
277 | buf += 8; | |
278 | } else { | |
279 | size += prot->tag_size; | |
280 | } | |
281 | ||
282 | buf[0] = prot->version == TLS_1_3_VERSION ? | |
283 | TLS_RECORD_TYPE_DATA : record_type; | |
284 | buf[1] = TLS_1_2_VERSION_MAJOR; | |
285 | buf[2] = TLS_1_2_VERSION_MINOR; | |
286 | buf[3] = size >> 8; | |
287 | buf[4] = size & 0xFF; | |
288 | } | |
289 | ||
290 | #endif |